SUMMARY

@pyrodie18 @BGmot Hey bros, this again breaks stuff in a minor release 🙀
FYI We originally contributed the whole logic behind zabbix_agent_tlspsk_auto
Again goal was security by default and avoid Zabbix's unencrypted by default.
Breaking commits came for issue #1338 via PR #1343 and released as 3.0.4

ISSUE TYPE

• Bug Report

COMPONENT NAME

zabbix_agent role

ANSIBLE VERSION

ansible [core 2.16.8]
  config file = /home/ansible/ansible.cfg
  configured module search path = ['/home/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.10.12 (main, Mar 22 2024, 16:50:05) [GCC 11.4.0] (/usr/bin/python3)
  jinja version = 3.0.3
  libyaml = True

OS / ENVIRONMENT / Zabbix Version

Ubuntu 22.04 LTS / Ansible Conroller / Zabbix 6.0 LTS>

STEPS TO REPRODUCE

Enabling zabbix_agent_tlspsk_auto leads now to TLSAccept=psk,unencrypted

Beside insecure defaults it also functionally breaks the zabbix_agent role: